Compliance and Security Framework Intern

Description

About Us:

Navvis is a leading population health company, driving performance in value-based care. As an operating partner to some of the country’s most innovative health systems, physician enterprises, and health plans, we provide solutions that accelerate the journey to value-based care. Our approach is market-based – we respect the unique needs of populations in each community, including access to care, culture, values, and capabilities. Together with our partners, we set a new national standard in healthcare performance that delivers the affordability, quality, access, and experience that all patients deserve.

Learn more at: www.navvishealthcare.com 

As a Compliance and Security Framework Intern you will: 

• Assist our IT compliance team in supporting regulatory and security framework initiatives, including HITRUST, SOC 2, HIPAA Security Rule, and CIS Controls 
• Be responsible for gathering and organizing compliance evidence, reviewing framework requirements, and helping with document alignment with each control within our compliance tracking platform  
• Gain exposure to industry-standard compliance frameworks and audit processes.
• Participate in hands-on experience with evidence collection and control mapping.
• Gain insight into risk management, policy development, and enterprise IT operations.

A Day in the Life:

• Check compliance tracking system (e.g., Cynomi) for assigned evidence tasks
• Collect documentation for controls (e.g., screenshots, policies, logs)
• Map and tag evidence to specific HITRUST, SOC 2, HIPAA, or CIS controls and create tasks to update evidence on a recurring schedule
• Cross-reference policies and procedures against framework requirements
• Collaborate with IT/security staff to clarify technical evidence
• Update task statuses and documentation in tracking software
• Flag potential gaps or missing items for review
• Join meetings with operations or infrastructure teams
• Log progress and prepare questions 

What success looks like in this role:

• Understanding and experience working with industry-standard cybersecurity frameworks (such as NIST CSF, HIPAA Security Rule, CIS Benchmarks, HITRUST, etc)

Requirements

We are excited about you if you have these things:

• Currently living near St. Louis, MO or will be in the summer of 2025
• Strong verbal and written communication and attention to detail
• Comfortable working in a fast-paced and dynamic setting
• Currently pursuing a Bachelor’s or master’s degree in Cybersecurity, Information Systems, Health Informatics, or a related field.
• Basic knowledge of IT compliance and security concepts (familiarity with HITRUST, HIPAA, SOC 2, or CIS is a plus).
• Strong organizational and research skills with attention to detail.
• Proficient in Microsoft Office and comfortable navigating cloud-based systems.
• Ability to handle confidential data with discretion and professionalism
• Self-motivated and capable of working independently with supervision

 What you'll get:

Navvis is committed to attracting the most insightful and motivated talent by providing a candidate and onboarding experience that you won't find elsewhere! We foster an environment and culture that allow people to be creative, feel connected and be inspired to do their best work no matter where they are on the map. For all colleagues at Navvis, we strive to ensure that they have everything needed to be successful. From the basics like a competitive total rewards strategy, volunteering and social engagement activities to creating company experiences that challenge you to think differently and do different things as part of our never stop learning ecosystem, we support the whole person when you become a team member at Navvis.

Our Commitment:

Navvis is an equal employment opportunity and affirmative action employer seeking diversity in qualified applicants for employment. All applicants will receive consideration for employment without regard to race, ethnicity, color, gender, gender identity, age, religion, creed, national origin, ancestry, disability, perceived disability, medical condition, genetic information, military or veteran status, sexual orientation, or any other protected status, as defined by applicable law. Prior to the next step in the recruiting process, we welcome you to inform us confidentially if you may require any special accommodation to complete your application and participate fully in our recruitment experience. Contact us at H.R@navvishealthcare.com. 

#LI-Hybrid

#Intern